Cyber Security Manager®

csm-virtual
( + )

Cyber Security Manager®

8 Days, 5 Professional Certifications

This course is well suited to Managers in charge of Cybersecurity, Risk Management and IT Operations. It covers the management concepts, challenges, capacities, plans and strategies as well as technology aspects and deciding factors in determining and implementing best management principles. The CSM® certification strengthens the operational awareness of future technologies, leading to effective management of cybersecurity by enhancing and preparing professionals for process advancements.

8 Days Classroom Session
5 Professional Certifications Available
Private Organization Training Available

Course Description

This course is well suited to Managers in charge of Cybersecurity, Risk Management and IT Operations. It covers the management concepts, challenges, capacities, plans and strategies as well as technology aspects and deciding factors in determining and implementing best management principles. The CSM® certification strengthens the operational awareness of future technologies, leading to effective management of cybersecurity by enhancing and preparing professionals for process advancements.

Who should take this course?

  • Managers
  • Executives
  • Directors
  • Strategic Planners
  • Professionals

what you study

The CSM® course focuses on best practices to be applied, methodologies and approach to enhance the long-run objectives as well as Cybersecurity daily operations.

Learning Outcomes

This course teaches how to streamline processes, increase efficiency and productivity whilst maintaining a highly Cybersecure Application Ecosystem. The core concepts are based on demonstrated principles, which are optimized from lessons learned from Cybersecurity front-runners.

Prerequisites

  • None.

Course Features

  • Course Code CSM
  • Sessions 8
  • Duraion 8 Days
  • Track Cyber Security Management
  • Language English
  • Public Yes
  • Virtual Availability Yes
  • Private Availability Yes
  • Certificate Yes
  • Assessment Yes

    Day 1

    Introduction

    Cybersecurity Overview

    • The outset of Cybersecurity
    • Governance
    • Risk Integration
    • Legislative Requirement
    • Security Requirement
    • Internal Threats
    • External Threats
    • Physical Security Threats
    • Cybercrime: Leading Business Risk Globally
    • Major Cyber Breaches
    • Cybersecurity Complexity
    • Infinity Paradigm
    • Definition of Cybersecurity
    • Cybersecurity Principles

    Cybersecurity Principles

    • The Layers
    • The Four Principles
    • Principle 1 & its key Activities
    • Principle 2 & its key Activities
    • Principle 3 & its key Activities
    • Principle 4 & its key Activities

    Cybersecurity Dimensions: Attack & Defense

    • Cybersecurity Attack
    • Security Threat to Networks
    • Two types of Attacks
    • Stages of an Attack
    • Cybersecurity Defense
    • Layered Security & Configuration of Perimeter
    • Firewall
    • Intrusion Detection & Penetration System

    Cybersecurity Risk & Consequences

    • Consequences of Attack
    • Maturity
    • Culture Shift
    • Appetite
    • Advice
    • Putting a Price on Risk

    Day 2

    Cybersecurity Trends

    • Understanding the threat landscape
    • Common Threat Agents and Vulnerabilities
    • Zero-Day Vulnerabilities
    • Attributes of Cyber Attack
    • Understanding the attributes of an Attack
    • Malware & Types of attack
    • Obfuscation and Mutations in Malware

    Weaknesses of Existing Cybersecurity Standards

    • Available standards
    • Weaknesses of existing standards
    • Why IDCA is critical to filling the gaps

    Network Access Control & Wireless Network Security

    • An Overview of Network Access Control (NAC)
    • NAC Policies
    • The Network Access Control/Network Access Protection (NAC/NAP) Client/Agent
    • The Enforcement Points
    • Enforcement Point Action
    • Authentication and Authorization
    • NIST & Cybersecurity
    • ISO 27001 For Information Security

    Cybersecurity in Cloud

    • Types of Cloud Assets
    • Compute Assets
    • Storage Assets
    • Network Assets
    • Asset Management Pipeline
    • Procurement Leaks
    • Processing Leaks
    • Finding Leaks
    • Protecting data in the cloud
    • Tokenization
    • Encryption

    Cybersecurity for IoT and Edge/or 5G Computing

    • IoT Security Challenges & Landscape
    • Why IoT Security devices are targeted
    • Edge Motivation
    • Edge Definition
    • Evolution of IT Computing Models
    • Advantages of Edge Computing
    • Edge Layered Stack
    • OWASP (Open Web Application Security Project) Top 10 Internet of Things

    Examination

    Day 1

    Cybersecurity Overview

    • Cybersecurity Complexity
    • Malware & Types of Attacks

    Governance

    • Governance Objectives
    • Governance for Cybersecurity
    • Effective Cybersecurity Programme Governance
    • Cybersecurity Governance: Meaningful Vs Meaningless
    • Cybersecurity Governance Pillars
    • Cybersecurity Organizational Structure

    Risk Management

    • Cybersecurity Risk oversight of the Board
    • Cybersecurity Risk management Principles
    • Cybersecurity Risk Policies & Procedures
    • Cybersecurity Risk Strategic Performance Management
    • Cybersecurity Standards & Frameworks
    • Cybersecurity Risks: Identify, Analyze and Evaluate
    • How to treat Cybersecurity Risk
    • Using Process Capabilities to Treat Cybersecurity Risks
    • Using Insurance and Finance to Treat Cybersecurity Risks

    Physical IT-Related Asset management

    • Build, Buy or Update: Embedding Cybersecurity Requirements and Establishing Best Practices
    • Governance & Planning
    • Development & Implementation
    • End of Useful Life and Disposal
    • Specific Considerations
      • Commercial Off-the-Shelf Applications
      • Cloud/SaaS Applications
    • Physical Security
      • Commit To a Plan
      • Physical Security Risk Landscape View and the Impact on Cybersecurity
      • Manage/Review the Cybersecurity Organization
      • Design/Review Integrated Security Measures
    • Data Center Scenario Reworked
      • Understanding Objectives for Security Measures
      • Understanding Controls for the Data Center Scenario
    • Calculate/Review Exposure to Adversarial Attacks
      • Simulating the Path of an Adversary
      • Calculate the Probability of Interrupting & Disrupting the Adversary
    • Optimize Return on Security Investment

    Vulnerability Identification and Management: Treating Cybersecurity Risks

    • Introduction
    • Identity & Access Management
    • Policy
    • Establish Identities
    • Create Identities
    • User ID Revocation
    • Enterprise IT Governance
    • Reduced Security Costs
    • Penetration Testing

    Day 2

    Threat Identification & Handling Management: Identify, Analyze & Evaluate

    • The Risk Landscape
    • The People Factor
    • Assessing & Managing Risk: A structured Approach
    • Cybersecurity Culture
    • Regulatory Compliance
    • Maturity Compliance
    • Protection Prioritised

    Cybersecurity Incident and Crisis Management

    • Cybersecurity Incident Management Overview
    • Cybersecurity Incident Response Overview
    • Cybersecurity Incident Response Plan & Processes
    • Cybersecurity Incident Response Team (CSIRT)
    • Technical Response Capabilities Development
    • Build and Maintain Capabilities
    • Incident Timelines

    Integrating Cybersecurity & Business Continuity Management

    • What is Business Continuity
    • ISO 22301 Overview
    • BCM Lifecycle
    • Understand/Analyze the organization and Integrate with Cybersecurity
    • Determine BCM Strategy & Integrate with Cybersecurity
    • Developing and Implementing BCM Responses, Integrate with Cybersecurity
    • Exercising/Validating BCM and integrate with Cybersecurity
    • BCM Policy & Programme Management
    • Embedding BCM in the organizational culture

    Organizational Structure

    • Having the Right People
    • Establishing the Team
    • What are the Established Performance Standards?

    Human Factors and Culture

    • Technology Investment vs Investing in People
    • Business Email Compromise (BEC)
    • Organizations as Social Systems
    • Cybersecurity More Than a Technology Problem
    • Organizational Culture
    • Cybersecurity and Human Factors
    • Insider Threats
    • Social Engineering Threats
    • Cybersecurity Training & Awareness
    • Measures Against Business Email Compromise
    • Human Factors & Technology Trends
    • Metrics

    The Application Ecosystem

    Day 3

    Application Security

    • Application Security Terminology
    • Risk Calculation Models
    • Calculation of Application Security Risk
    • Application Security Best Practices

    Application Ecosystem Management: Cybersecurity Day-to-Day Operations

    • Controls Management
      • Security Controls
      • Asset Management
    • Change Management
      • The Importance of Managing Change
      • When should Changes be Made?
      • What are the Impact Changes bring?
      • The safeguard Effect of Internal Control in Change Management
      • Organizational Change Management
    • Access Control
      • Access Control & A New Perspective
      • Organizations requirements for Access Control
      • User Access Management
      • User Registration and Deregistration
      • Access Provisioning for Users
      • Privileged Access Rights Management
      • Users Secret Authentication Information Management
      • User Access Under Review
      • User Rights: Removal & Adjustments
      • Responsibility of Users
      • Application & System Access Control
      • Access Restriction to Information
      • Procedures for Secure-Logins
      • Password Management System
      • Privileged Utility Programs Usage
      • Program Source Code & Controlled Access
    • External Context & Supply Chain
      • Overview
      • Supply Chain Support Strategy
      • Planning How to Create Supply Relationships
      • How to Identify Competent External Suppliers
      • Relationship Management
    • Maintaining Situational Awareness
      • Overview
      • Situational Awareness Plan
      • Situational Awareness Process

    Cybersecurity Service Level Agreement

    • Overview
    • Purpose
    • Attributes
    • General Parts of SLA
    • SLA Service Performance
    • SLA Constraints & Service Management
    • SLAs Dos & Don’ts

    Examination

    Day 1

    Network Security Systems Technologies

    • Network Access Control
    • ZTNA (Zero Trust Network Access) as a Service
    • Network Detection and Response (NDR)
    • Unified Threat Management (UTM)
    • Microsegmentation Software
    • Firewalls
    • Intrusion Detection and Prevention Software
    • SSL/TLS Decryption
    • SSL VPN
    • Firewall Security Management
    • Advanced Threat Protection
    • IoT Security
    • Enterprise Infrastructure VPN

    Enterprise Networking Technologies

    • Network Virtualization
    • Wireless LAN
    • Wireless WAN
    • WAN Edge
    • Web Security Gateways

    Internet Management Technologies

    • Internet Security
    • DNS Security

    Security Services Technologies

    • Managed Security Services
    • Customer Identity and Access Management
    • Managed Detection and Response (MDR)
    • Web Application Firewall (WAF)
    • DDoS
    • Privileged Access Management

    Application Security Technologies

    • Application Security
    • Software Configuration Management
    • Patch Management

    Day 2

    Security Software Technologies:

    • Virtualization Security
    • Mobile Identity Solutions
    • Container Security
    • Threat Intelligence Platforms
    • Security Incident Response
    • Directory Servers
    • Active Directory Bridge
    • Digital Asset Security Platforms
    • Extended Detection and Response (XDR)
    • Endpoint Detection and Response (EDR)
    • Cloud Workload Security
    • Mobile Threat Defense
    • Single Sign-On (SSO)
    • Data Loss Prevention
    • Security Information and Event Management (SIEM)
    • Vulnerability Management
    • Endpoint Protection (EPP) for Business
    • Fraud Detection and Prevention
    • Web Content Filtering
    • Identity Management (IM)
    • Endpoint Encryption
    • Mobile Data Protection
    • Cloud Access Security Brokers
    • Access Management
    • Security Orchestration Automation and Response (SOAR)
    • Active Directory Management
    • Secure Access Service Edge (SASE)
    • Enterprise Password Managers
    • User Behavior Analytics - UEBA
    • Cloud and Data Center Security
    • Endpoint Compliance
    • Identity and Access Management as a Service (IDaaS)
    • Anti-Malware Tools

    Day 3

    Access Control Technologies:

    • Physical Access Control
    • Barriers
    • Bollards
    • Turnstiles and Portals
    • Guard Facilities

    Token and Cipher Systems:

    • Identification Cards and Badges
    • Keycard Door Systems
    • Cipher Lock
    • Magnetic Stripe Cards
    • Contact Smart Card
    • Contactless Smart Card
    • Wiegand Cards
    • Key Fobs

    Biometric Access Control Technologies:

    • Facial Recognition
    • Fingerprint Recognition
    • Hand/Finger Geometry Recognition
    • Vascular Pattern Recognition
    • Iris Recognition
    • Retina Scan
    • Voice Recognition
    • Signature Dynamics Recognition
    • Multimodal

    Examination

    IDCA Courses

    Save & Share Cart
    Your Shopping Cart will be saved and you'll be given a link. You, or anyone with the link, can use it to retrieve your Cart at any time.
    Back Save & Share Cart
    Your Shopping Cart will be saved with Product pictures and information, and Cart Totals. Then send it to yourself, or a friend, with a link to retrieve it at any time.
    Your cart email sent successfully :)